A US-led operation has disrupted an international crime ring that infected hundreds of thousands of PCs across the globe with malicious software that stole more than $100 million from businesses and members of the public since 2011.

The Justice Department announced on Monday that anywhere between 500,000 and 1 million machines worldwide were affected by the virus's known as Gameover Zeus which stole banking passwords and Crytolocker, which encrypted files and blackmailed the users for their release.

Among the victims of the cyber-attacks were Pittsburgh based Reinforced Plastics of Erie, which lost $373,000 in one money transfer and the Swansea, Massachusetts police department, which paid a $750 ransom after their computers were infected.

Scroll down for video

Threat: U.S Deputy Attorney General James Cole announces two global cyber fraud disruptions of the Gameover Zeus and Cyrptolocker programs at the Department of Justice in Washington on June 2, 2014

Other victims included a Florida bank that lost nearly $7 million through an unauthorized wire transfer.

Authorities in nearly a dozen countries worked with private security companies to wrest control of the network of infected machines.

RELATED ARTICLES

Share this article

Share

'These schemes were highly sophisticated and immensely lucrative, and the cyber criminals did not make them easy to reach or disrupt,' said Leslie Caldwell, who heads the Justice Department's criminal division, to a news conference.

But while the grip of those behind the 'malware' has been weakened by the counter attack, computer experts said users must take this opportunity to install anti-virus software and update their operating systems to the latest versions to stop it regaining its hold.

'The criminals effectively held for ransom every private email, business plan, child's science project, or family photograph - every single important and personal file stored on the victim's computer,' Leslie Caldwell, the head of the Justice Department's criminal division, said at a news conference.

Those who fail to do so risk having their valuable data, including precious photographs, music and personal files held to ransom.

In the worst cases, victims could lose access to their bank accounts which could be systematically drained by the criminal network.

The Gameover Zeus software, has spread worldwide but has been temporarily disabled by the international effort by law enforcement agencies.

Potential victims can protect themselves but have only a short time to do so before the hackers rebuild the network.

Hackers will be able to install new ones, but it is thought that there will be a window of opportunity of at least two weeks for computer users to protect themselves.

Many of those whose computers have already been infected will be contacted by their internet service providers.

The software installs itself on a computer when the victim clicks on a link in an unsolicited email or via a website.

It then sends out more emails to lure further victims, without the knowledge of the computer users, and spreads quickly across the internet.

In the worst cases, victims could lose access to their bank accounts which could be systematically drained

PRIME SUSPECT: THE RUSSIAN BOAT-LOVER WANTED BY THE FBI

He is the man suspected of being behind a gang that has sparked a global cyber virus pandemic.

But the FBI has already spent years looking for Russian Evgeniy Mikhailovich Bogachev who uses the online names ‘lucky12345’ and ‘slavik’.

The 30-year-old is already wanted for his alleged involvement in a ‘racketeering enterprise’ that installed malicious software known as ‘Zeus’ on victims’ computers.

The software was used to capture bank account numbers, passwords, personal identification numbers, and other information needed to log into online banking accounts.

The FBI believes Bogachev knowingly acted in a role as an administrator while others involved in the scheme conspired to distribute spam and phishing emails, which contained links to compromised websites.

Victims who visited these web sites were infected with the malware, which Bogachev and others allegedly used to steal money from the victims’ bank accounts.

This online account takeover fraud has been investigated by the FBI since the summer of 2009.Starting in September 2011, the FBI began investigating a modified version of the Zeus Trojan, known as Gameover Zeus (GOZ).

It is believed GOZ is responsible for more than one million computer infections, resulting in financial losses in the hundreds of millions of dollars.

On August 22, 2012, Bogachev was indicted under the nickname ‘lucky12345’ by a federal grand jury in the District of Nebraska on a number of charges including Bank Fraud, Conspiracy to Violate the Computer Fraud and Abuse Act and Aggravated Identity Theft.

On May 19, 2014, Bogachev was indicted in his true name by a federal grand jury in the Western District of Pennsylvania on charges of Conspiracy, Computer Fraud, Wire Fraud, Bank Fraud and Money Laundering.

Then just days ago on May 30, a criminal complaint was issued in the District of Nebraska that ties the previously indicted nickname of ‘lucky12345’ to Bogachev and charges him with Conspiracy to Commit Bank Fraud.

He is described as white with brown hair (though his head is usually shaved) and brown eyes. He is 5ft 9ins tall and weighs around 180 pounds (82kg).

Bogachev was last known to live in Anapa, Russia. He is believed to enjoy boating and may travel to locations along the Black Sea in his boat. He also owns property in Krasnodar, Russia.

The virus lays dormant until it spots an opportunity to steal personal details such as online banking information and passwords.

It then transmits this information back to the criminal network who use it to drain the victim’s accounts.

In a further twist, if the user is not a ‘viable’ victim then the software locks the information on the computer and holds it to ransom.

Last night, the U.S. Justice Department filed papers accusing a Russian named Evgeniy Mikhailovich Bogachev as being the leader of the gang behind the software.

U.S. officials said Bogachev was last known to be living in the Black Sea resort town of Anapa.

A civil suit in Pennsylvania helped authorities get court orders to seize parts of the infected network, and on May 7, Ukrainian authorities seized and copied Gameover Zeus command servers in Kiev and Donetsk, officials said.

HOW USERS CAN PROTECT THEIR COMPUTERS AGAINST MALWARE ZEUS?

Potential victims can protect themselves but have only a short time to do so before the hackers - whose attempts have been temporarily thwarted - can rebuild their network.

The US Department of Homeland Security urged users to install anti-virus software on their computer and ensure that the latest operating systems were also installed on their computers.

If systems do not offer automatic updates, people should enable it, the department said.

It also advised changing passwords, as original passwords may have been compromised during the infection.

From that website, computer users can download tailored anti-virus software which has been provided for free.

Experts have also warned users to back-up all valuable data.

Many of those whose computers have already been infected will be contacted by their internet service providers.

He faces criminal charges in Pittsburgh, where he was named in a 14-count indictment, and in Nebraska, where a criminal complaint was filed. He has not been arrested, but Deputy Attorney General James Cole said U.S. authorities were in contact with Russia to try to bring him into custody.

Russia does not extradite accused criminals to other countries, so Bogachev may never be arrested.

'The criminals effectively held for ransom every private email, business plan, child's science project, or family photograph - every single important and personal file stored on the victim's computer,' Leslie Caldwell, the head of the Justice Department's criminal division, said at a news conference.

The FBI called the alleged ringleader, 30-year-old Evgeniy Bogachev, one of the most prolific cyber criminals in the world and issued a 'Wanted' poster, pictuted, that lists his online monikers and describes him as a boating enthusiast

Officials say the case is another stark reminder of the evolving cybercrime threat, though it's unrelated to the recently unsealed cyber-espionage indictment of five Chinese military hackers accused of stealing trade secrets from American firms.

Both sets of hackers relied on similar tactics - including sending emails to unsuspecting victims that installed malware - but the Chinese defendants were government officials who sought information that could bring companies in their country a competitive advantage.

Bogachev's operation, prosecutors say, consisted of criminals in Russia, Ukraine and the United Kingdom who were assigned different roles within the conspiracy.